Recently I defaulted on my by internet bill and my internet connectivity was severed. Actually, the connection was active, but whenever I tried to open any website, I was redirected to this one: ” http://www.freetrial.bsnl.co.in/ ” telling me that I hadn’t cleared my bill. Once I paid it, the services resumed automatically. I was just wondering how my ISP (BSNL) was redirecting me to that site everytime. Was it DNS hijacking or maybe tracking my router’s MAC address to identify me? And how was it that once I cleared my dues, I was no longer being redirected? This question is purely academic curiosity!

Umair Adil

October 3, 2012 at 9:16 am

They cut off the the services for that particular user from the server

Saikat Basu

August 4, 2012 at 11:23 am

Yes, we are seeing this with lots of Indian ISPs lately. Even if you mistype an URL, it takes you to an ad-page. These are called ISP Redirect Pages.

The process is basic - every ISP runs a DNS server(s) that translate domain names into IP addresses that computers understand and use. When an ISP's DNS server receives a request to translate a name, the DNS server returns the IP address back to the customer's computer and the customer's computer is then able to connect to the requested resource.

As you didn't pay the bill, the DNS server simply took your IP address and redirected you to that specific page.

Subhom Mitra

August 4, 2012 at 1:34 pm

I had thought about that and tried to change the DNS server to see if I can get around it; neither OpenDNS nor Google DNS worked: I was still being redirected to that page.

The other thing I am interested in finding out is that how does the ISP identify me in the barrage of traffic it handles everyday. Does it use my router's MAC as a possible identifier or what?

And lastly, though many of my friends do get redirected to ISP Redirect Pages even when they mistype an URL (MTS does this, I think), I'm glad that BSNL, my ISP, doesn't do that!

Oron

August 4, 2012 at 10:59 pm

I don't know the correct answer, but you can rule out the router's MAC address since most ISPs allow you to use different routers (or modems). In other words, your MAC address is not fixed.
Many ISPs require your modem to log on using a username and password so presumably the server used for authentication can redirect any of your packets to the landing page. This is pure surmise though.

Subhom Mitra

August 5, 2012 at 4:26 pm

Actually my connection is an "always on" type connection. I just turn on my modem, it establishes the DSL link first and then I wait for the "Internet" light to turn on and I'm good to go. Although they've provided me with an username and password, I've yet to use it. It's been used mostly for billing purposes or checking my usage, etc.

Oron

August 5, 2012 at 4:49 pm

Yes, even the "always on" connections usually rely on a username & password embedded in the modem, although there are some ISPs who have dispensed with that.

Subhom Mitra

August 5, 2012 at 4:52 pm

So that means that a combination of my telephone line and the modem is at work? I haven't tried it yet, but if what you say is true, then I won't be able to access the internet if I connect with another modem? But when I was signing up for the connection, they did give me a choice to take a modem from them or get one myself; I took it from them as it also guaranteed tech support... although now I feel that this may have been a bad idea!

Subhom Mitra

August 4, 2012 at 1:54 pm

On an unrelated note, I really hate the pentagon dude with broken teeth who's sitting where my profile picture should be. Any pointers on how to deal with him? :)

Daniel Pettinger

August 5, 2012 at 1:30 pm

Mine was taken from my FB profile as that is what I use to login.

Subhom Mitra

August 5, 2012 at 1:32 pm

Your picture shows up as a white silhouette. My FB profile picture shows up next to my points and stuff, but that picture doesn't appear on my comments.

Daniel Pettinger

August 5, 2012 at 1:37 pm

Ah. Apparently makeuseof pulls the profile pictures from Gravatar. It checks to see if your email matches any used on gravatar, and if it does, it pulls that picture and uses it.